WATCH GUARD NETWORK SECURITY ESSENTIALS
QUESTIONS AND ANSWERS LATEST UPDATE
(ALREADY GRADED A+)
You need to create an HTTP-proxy policy to a specific domain for software updates (example.com).
The update site has multiple subdomains and dynamic IP addresses on a content delivery network.
Which of these options is the best way to define the destination in your HTTP-proxy policy? (Select
one.)
A. Configure a host name for update.example.com.
B. Configure an FQDN for *.example.com.
C. Add IP addresses that correspond to each software update server in the domain.
D. Create an alias for all subdomains and known IP addresses for example.com
Answer : B
From the SMTP proxy action settings in this image, which of these options is configured for outgoing
SMTP traffic? (Select one.)
A. Rewrite the Mail From header for the example.com domain.
B. Deny incoming mail from the example.com domain.
C. Prevent mail relay for the example.com domain.
D. Deny outgoing mail from the example.com domain
Answer : B
You can configure the SMTP-proxy policy to restrict email messages and email content based on which
of these message characteristics? (Select four.)
A. Sender Mail From address
B. Check URLs in message with WebBlocker
C. Email message size
D. Attachment file name and content type
E. Maximum email recipients
Answer : ACDE
After you enable spamBlocker, your users experience no reduction in the amount of spam they
receive. What could explain this? (Select three.)
A. Connections cannot be resolved to the spamBlocker servers because DNS is not configured on the
Firebox.
B. The spamBlocker action for Confirmed Spam is set to Allow.
C. The Maximum File Size to Scan option is set too high.
D. A spamBlocker exception is configured to allow traffic from sender *.
E. spamBlocker Virus Outbreak Detection is not enabled.
Answer : ABD
, An email newsletter about sales from an external company is sometimes blocked by spamBlocker.
What option could you choose to make sure the newsletter is delivered to your users? (Select one.)
A. Add a spamBlocker exception based on the From field of the newsletter email.
B. Set the spamBlocker action to quarantine the email for later retrieval.
C. Add a spamBlocker subject tag for bulk email messages.
D. Set the spamBlocker virus outbreak detection action to allow emails from the newsletter source.
Answer : C
Your company denies downloads of executable files from all websites. What can you do to allow users
on the network to download executable files from the company"™s remote website? (Select one.)
A. Add an HTTP proxy exception for the company"™s remote website.
B. Create a WebBlocker exception to allow access to the company"™s remote website.
C. Create an IPS exception.
D. Create a Blocked Sites exception.
E. Configure HTTP Request > URL Paths to allow the company"™s remote website.
Answer : A
A user receives a deny message that the installation file (install.exe) is blocked by the HTTP-proxy
policy and cannot be downloaded. Which HTTP proxy action rule must you modify to allow download
of the installation file? (Select one.)
A. HTTP Request > Request Methods
B. HTTP Response > Body Content Types
C. HTTP Response > Header Fields
D. WebBlocker
E. HTTP Request > Authorization
Answer : B
Which takes precedence: WebBlocker category match or a WebBlocker exception?
A. WebBlocker exception
B. WebBlocker category match
Answer : A
To prevent certificate error warnings in your browser when you use deep content inspection with the
HTTPS proxy, you can export the proxy authority certificate from the Firebox and import that
certificate to all client devices.
A. True
B. False
Answer : A
Which of these options must you configure in an HTTPS-proxy policy to detect credit card numbers in
HTTP traffic that is encrypted with SSL? (Select two.)
A. WebBlocker
B. Gateway AntiVirus
C. Application Control
QUESTIONS AND ANSWERS LATEST UPDATE
(ALREADY GRADED A+)
You need to create an HTTP-proxy policy to a specific domain for software updates (example.com).
The update site has multiple subdomains and dynamic IP addresses on a content delivery network.
Which of these options is the best way to define the destination in your HTTP-proxy policy? (Select
one.)
A. Configure a host name for update.example.com.
B. Configure an FQDN for *.example.com.
C. Add IP addresses that correspond to each software update server in the domain.
D. Create an alias for all subdomains and known IP addresses for example.com
Answer : B
From the SMTP proxy action settings in this image, which of these options is configured for outgoing
SMTP traffic? (Select one.)
A. Rewrite the Mail From header for the example.com domain.
B. Deny incoming mail from the example.com domain.
C. Prevent mail relay for the example.com domain.
D. Deny outgoing mail from the example.com domain
Answer : B
You can configure the SMTP-proxy policy to restrict email messages and email content based on which
of these message characteristics? (Select four.)
A. Sender Mail From address
B. Check URLs in message with WebBlocker
C. Email message size
D. Attachment file name and content type
E. Maximum email recipients
Answer : ACDE
After you enable spamBlocker, your users experience no reduction in the amount of spam they
receive. What could explain this? (Select three.)
A. Connections cannot be resolved to the spamBlocker servers because DNS is not configured on the
Firebox.
B. The spamBlocker action for Confirmed Spam is set to Allow.
C. The Maximum File Size to Scan option is set too high.
D. A spamBlocker exception is configured to allow traffic from sender *.
E. spamBlocker Virus Outbreak Detection is not enabled.
Answer : ABD
, An email newsletter about sales from an external company is sometimes blocked by spamBlocker.
What option could you choose to make sure the newsletter is delivered to your users? (Select one.)
A. Add a spamBlocker exception based on the From field of the newsletter email.
B. Set the spamBlocker action to quarantine the email for later retrieval.
C. Add a spamBlocker subject tag for bulk email messages.
D. Set the spamBlocker virus outbreak detection action to allow emails from the newsletter source.
Answer : C
Your company denies downloads of executable files from all websites. What can you do to allow users
on the network to download executable files from the company"™s remote website? (Select one.)
A. Add an HTTP proxy exception for the company"™s remote website.
B. Create a WebBlocker exception to allow access to the company"™s remote website.
C. Create an IPS exception.
D. Create a Blocked Sites exception.
E. Configure HTTP Request > URL Paths to allow the company"™s remote website.
Answer : A
A user receives a deny message that the installation file (install.exe) is blocked by the HTTP-proxy
policy and cannot be downloaded. Which HTTP proxy action rule must you modify to allow download
of the installation file? (Select one.)
A. HTTP Request > Request Methods
B. HTTP Response > Body Content Types
C. HTTP Response > Header Fields
D. WebBlocker
E. HTTP Request > Authorization
Answer : B
Which takes precedence: WebBlocker category match or a WebBlocker exception?
A. WebBlocker exception
B. WebBlocker category match
Answer : A
To prevent certificate error warnings in your browser when you use deep content inspection with the
HTTPS proxy, you can export the proxy authority certificate from the Firebox and import that
certificate to all client devices.
A. True
B. False
Answer : A
Which of these options must you configure in an HTTPS-proxy policy to detect credit card numbers in
HTTP traffic that is encrypted with SSL? (Select two.)
A. WebBlocker
B. Gateway AntiVirus
C. Application Control
